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I. Real Party in Interest 

The DirecTV Group, Inc., a Delaware corporation, is the Real Parly in Interest. 

II. Related Appeals and Interferences 

There are no known related appeals or interferences that will directly affect or be 
directly affected by or have a bearing on the Board's decision in the present appeal 

III. Status of Claims 

Claims 1-9 S 1 1-20, and 22-23 are pending. All of the claims are under final rejection. 

IV. Status of Amendments 

An amendment was filed on May 9, 2006 (subsequent to the final rejection). This 
amendment was entered by the Examiner. 



V. Summary of Claimed Subject Matter 

Virtual Private Networks (VPNs) are private data networks that make use of tunnels 
to maintain privacy when communicating over a public telecommunication infrastructure 
such as the Internet- 1 VPNs give server operators, such as corporations, the same capabilities 
and security that they would have if they used a private or switched network to conduct 
communications. 2 

Modems are used to communicate between different entities in networks. For 
instance, a computer might use a modem to establish a connection with the Internet. 3 
Unfortunately, in previous systems, multiple clients to the same client-side modem were not 
allowed to establish multiple VPN communication tunnels using the single modem. For 
instance, a husband and wife may have both wanted to telecommute with their offices from 
home using secure connections. However, previous approaches required both the husband 
and wife to purchase separate modems and utilize separate telephone lines. The additional 



1 App. as filed, see at least page 2, line 25 - page 3, line 5. 

2 App. see at least page 3, tinea 2-25. 

3 App. sec at least FIGS. 1-2; and page 3, lines 26 - page 4, line 5; page 8, lines 23-32; page 9, lines 18-20; page 

14, lines 15 - page 15, line 9. 
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modems were expensive to purchase and the added telephone lines increased inefficiencies in 
the overall system, 4 

The Applicants overcome the shortcomings of these previous approaches by 
providing approaches whereby a client computer is coupled to a single modem within the 
client-side system. 5 A request to establish a VPN session with a server-side system is 
received from a client computer and the request contains login details associated with a user 
at the computer. 6 A network address of the client computer is determined and the user is 
authenticated based on the login details. 7 A VPN tunnel is established between the client 
computer and the server-side system over the modem. 8 

Thereafter, a new request is received to establish a new VPN session with a different 
server-side system from a different client computer that is connected to the same modem in 
the client-side system. 9 The request contains new login details associated with the different 
computer. 10 A new network address of the different computer is determined and the new user 
is authenticated based upon these new login details. 11 Using this approach, separate tunnels 
are constructed over the same modem. 12 Consequently, the need for extra hardware (i.e., 
modems) is eliminated and system efficiency is enhanced. 

As shown in FIG. 1 of the application, reproduced below for the convenience of the 
reader, a system 100 comprises a client-side system 108, a service provider system 146, and a 
server side system 130. 13 The client side system includes multiple clients 102. 14 Separate 



4 App. see at least page 3, line 26 - page 4, line 7. 

5 App. see at least FIGS. 1-2, 4A; page 8, line 15 - page 9, line 6; page 10, lines 1-3. 

6 App. see for example FIGS. 1-2, 3B and 6; page 8, lines 23-28; page 9, hnes 1-19; page 1 5, lines 5-9; page 1 8, 

lines 7-14; page 19, line 30 - page 20, line 18. 

7 App, see at least FIGS. 1-2 and 3B-3C; page 15, lines 10-32; page 16, line i - page 17, line 16; page 20, lines 

5-32; page 21, line 27 -page 23, line 10, 

8 App, see at least FIGS. 1-2, 3A-Dand4A-C; page 1 1, lines 21-23; page 12, line 22-page 13, line 2; page 17, 

line 32 - page 1 8, line 25; page 1 8, line 26 - page 26, line 27; page 21, lines 3- 1 0; page 23, line 1 9 - page 
24, line 19. 

9 App. see for example FIGS. 4A-C and 5A-Q page 21, line 21 - page 26, line 27; page 26, line 27 - page 30, 

line 11. 

10 App. see at least FIGS. 1-2, 3B and 6; page 8, lines 23-28; page 9, lines 1-19; page 15, lines 5-9; page 18, 
lines 7-14; page 19, line 30 - page 20, line 18; page 24, lines 22-26. 

11 App. see at least FIGS. 1-2, 3A-D and 4A-C; page 11, lines 21-23; page 12, line 22-page 13, line 2; page 
17, line 32 - page IS, line 25; page 18, line 26 - page 26, line 27; page 21, lines 3-10; page 23, line 19 - 
page 24, line 19; page 24, lines 22-30; page 25, line 1 - page 26. line 27. 

12 App. see for example page 21, lines 11-20; page 26, lines 21-27, 

13 App. see for example FIG. I; page 8, line 15 - page 14, line 14. 

14 App, see at least FIG. 1 ; page 8, line 23 - page 9, line 1 9. 
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tunnels are established between different ones of these clients and ttie server side system. 15 
For instance, a tunnel may be established between the client 102(1) and the server side 
system 1 30. At the same time, a different tunnel may be established between the client 
102(2) and the server side system 130. 16 The tunnels are constructed over the same modem 
106 of the client-side system 108. 17 

To take one example using the system of FIG. 1, a husband can operate and conduct 
communications from a computer 102(1) and his wife can operate and conduct 
communications from a different computer 102(2). Using the Applicants' approaches, a 
tunnel may be established between the client 102(1) (i.e., the husband) and the server side 
system 130. Thereafter, a different tunnel may be established between the client 102(2) (i.e., 
the wife) and the server side system 130. Both tunnels are constructed using the same 
modem 106 within the client-side system 108, 1 * 



15 App. sec at least FIGS. 1-2, 3A-D and 4A-C; page 1 1, lines 21-23; page 12, line 22 -page 13, line 2; page 
17, line 32 - page 18, line 25; page 21, lines 3-10; page 23, line 19 - page 24, line 19. 

16 App. see for example FIGS. 3A-3D and 4A-4C; page24, lines 20-30. 

17 App. sec at least PICS* 3A-3D, 4A-4C and 5A-5C; page 1 1 , lines 21-23; page 12, line 22 - page 13, line 2; 
page 1 7, line 32 - page 1 8, line 25; page 1 8, line 26 - page 26, line 27. 

18 App. see at least FIGS- 1-2, 3A-3D, 4A-4C and 5A-5C; page 1 1, lines 21-23; page 12, line 22 - page 13, line 
2; page 17, line 32 -page 18, line 25; page 18, line 26 -page 26, line 27. 
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VI. Grounds of Rejection to be Reviewed on Appeal 

(A) Whether Claims 1-5, 8-9, 11-16, 19-20 and 22-23 are anticipated under 35 U.S,C. 
§102 by U.S. Published Application 2002/0178361 to Gentry ("the Gentry application**)? 

(B) Whether claims 6 and 17 are unpatentable under 35 U.S.C. §103 over Gentry? 

(C) Whether claims 7 and 1 8 are unpatentable under 35 U.S.C. § 103 over Gentry in 
view of U.S. Published Application 2002/0169988 to Vandergeest? 

VII. Argument 

(A) Claims 1-5, 8-9, 11-16, 19-30 and 22-23 are Not Anticipated by Gentry 

Claim 1 is an independent method claim and recites: 

1 . A computer implemented method for 
establishing a Virtual Private Network (VFN) communication 
tunnel between a client computer and a server-side system, 
comprising: 

receiving a request to establish a VPN session with 
a server-side system from at least one client computer out of a 
plurality of client computers coupled to a modem within a client- 
side system, where said request contains login details for a user of 
said at least one client computer; 

determining a network address of said at least one 
client computer, 

authenticating said user based on said user login 

details; 

establishing a VPN tunnel between said at least 
one client computer having said network address and said server- 
side system, where said VPN tunnel is established over said 
modem; 

receiving a new request to establish a new VPN 
session with a different server-side system from a different client 
computer out of said plurality of client computers coupled to said 
modem within said client-side system, where said request contains 
new login details foT a new user of said different client computer; 

determining a new network address of said 
different client computer; 

authenticating said new user based on said new 
user login details; and 

establishing a new VPN tunnel between said 
different client computer having said new network address and 
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said new server-side system, where said VPN tunnel is established 
over said modem. 

In other words, the Applicants claim establishing two tunnels between two different client 
computers and two different server side systems. Each of the different tunnels is also 
established with different login details. 

Without issuing a specific rejection, the Examiner hinted that the above recitations are 
not supported in the Specification. Specifically, the Examiner stated in the Advisory Action 
that "[tjhere is no specific saying [in the specification] that the connection would happen at 
the same time over the same modem. There is no specific saying if additional consideration 
is required in applying the method for more than one computer." The Applicants respectfully 
disagree with these assertions. 

Specifically, at page 3, lines 26-29 the Applicants state that current systems "do not 
allow multiple clients coupled to the same client side modem to establish multiple 
communication tunnels over the same modem." At page 6, lines 27-29, the Applicants state 
that "a VPN system is established that allows multiple clients coupled to the same client side 
modem to establish multiple VPN communication tunnels over the same modem." In 
addition, FIGs, 4a-c, "are flow charts of a method 400 for establishing multiple VPN tunnels 
over a single modem." Specification, page 21, lines 21-22. These flow charts show the 
establishment of a tunnel. Given the above-mentioned language, the approaches of FIGs. 4a- 
c can be repeatedly used to establish further tunnels. Consequently, the Applicants assert that 
the claim language recited in claim 1 is folly supported by the Specification. 

In his rejections, the Examiner asserted that FIGs. 1 and 2 of Gentry included all 
elements of claim 1 . Additionally, with respect to FIG. 1 of Gentry, the Examiner stated that 
'TIG. 1 shows that multiple connections are together, i.e., at the same location, it is clear that 
VPNs are for multiple computers at the same time and same location. As Gentry teaches 
sharing the Internet, it is clear that using the same WAN is intended. . . In summary Gentry 
does show sharing the Internet. . . in providing VPN connections for multiple computers and 
eliminating traditional leased lines over WAN; the WAN is over ISDN, i.e., a modem." The 
Applicants respectfully disagree with these rejections and statements and assert that claim 1 
is allowable over Gentjcy. 
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Specifically, FIG. 1 of Gentry (reproduced below for the convenience of the reader) 
shows a single computer system 100 communicating with multiple VPNs 120, 140 and 160. 
Gentry shows that the computer system 100 can communicate with the multiple VPNs by 
establishing multiple tunnels, one corresponding to each VPN (see Gentry paragraph 39). 

Each VPN 120, 140, and 160 is shown as including multiple computers. However, 
only one connection is shown ftom each of the VPNs 120, 140, and 160. Gentry is silent as 
to establishing two separate connections ftom two separate computers from the same client 
side system (e.g., VPN) as recited in claim 1. In fact, as shown in FIG. 1 of Gentry, the 
connection to each VPN 120, 140, or 160 is a connection to a single computer 130, 150, or 
170 within each VPN. 

Additionally, the connections ftom the VPNs 120, 140, and 160 are to the same 
computer system 100, not to different server side systems, as recited in claim 1 . 

Moreover, there is no teaching in Gentry that any of the multiple connections would 
use the same modem. In fact, since each tunnel is from a separate VPN and each VPN must 
communicate with the Internet 1 10, separate modems must be used to forward the 
communications to the Internet 110, This is exactly the opposite of the approach recited in 
claim 1, where a single modem carrying multiple connections is recited. 

Furthermore, although three connections are shown originating from the Internet 110, 
there is no indication these are made from the same modem. In any case, the modem recited 
in claim 1 is positioned within a client-side system (i.e., VPNs 120, 140, or 160), not within 
an intermediate network (i,e, the Internet 110). 
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Figure 1 
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The system illustrated in FIG. 2 of Gentry also does not contain various elements 
recited in claim 1 . Specifically, FIG. 2 of Gentry (reproduced below for the convenience of 
the reader) shows a single computer 200 communicating with multiple computers 230, 240, 
250, and 260. As shown in FIG. 2, single tunnels 235, 245, 255, and 265 connect one 
computer 200 to computers 230, 240, 250 s and 260. All the computers shown in FIG. 2 are 
located at the same site (i.e., within the same VFN). In other words, there is no indication 
that different client side computers are coupled to different server side system computers 
using different tunnels as recited m claim 1 , 




Figure 2 
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In both of these examples (shown in FIGs. 1 and 2 of Gentry), there is no teaching or 
suggestion in Gentry of different client computers communicating with different server side 
computers using the same modem. Consequently, the Applicants assert that claim 1 includes 
elements not taught or suggested by Gentry and that claim 1 is allowable over Gentry. 

Claims 13 and 22 have recitations similar to claim 1 and the Applicants assert that 
claims 1 3 and 22 are allowable for the same reasons as given above with respect to claim 1 . 
Claims 2-4, 8-9, 1 1-12, 14-16, 19-20, and 23 ultimately depend upon claims 1, 13, or 22 
which have been shown to be allowable above, and therefore, these claims are also allowable. 
In addition, they introduce additional content that, particularly when considered in context 
with the claims from which they depend, introduce additional incremental patentable subject 
matter. Accordingly, the Applicants reserve the right to present further arguments in the 
future with regard to these dependent claims if independent claims 1, 13, or 22 are found to 
be unpatentable. In view of the foregoing, the Applicants assert that claims 1-5, 8-9, 11-16, 
19-20 and 22-23 are allowable. 

(B) Claims 6 and 17 are Allowable over Gentry 

Claims 6 and 17 ultimately depend upon claims 1 and 1 3, which have been shown to 
be allowable above, and therefore, these claims are also allowable. In addition, they 
introduce additional content that, particularly when considered in context with the claims 
from which they depend, introduce additional incremental patentable subject matter, 
Accordingly, the Applicants reserve the right to present further arguments in the future with 
regard to these dependent claims if independent claims J and 13 are found to be unpatentable. 
In view of the foregoing, the Applicants assert that claims 6 and 17 are allowable. 

(C) Claims 7 and 18 are Allowable over Gentry in view of Vandergeest 
Claims 7 and 18 ultimately depend upon claims 1 and 13, which have been shown to 

be allowable above, and therefore, these claims are also allowable. In addition, they 
introduce additional content that, particularly when considered in context with the claims 
from which they depend, introduce additional incremental patentable subject matter. 
Accordingly, the Applicants reserve the right to present further arguments in the future with 
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regard to these dependent claims if independent claims 1 and 13 are found to be unpatentable. 

In view of the foregoing, the Applicants assert that claims 7 and 1 8 are allowable. 



In view of the foregoing, it is submitted that the application is in condition for 
allowance which is respectfully requested. The Commissioner is hereby authorized to charge 
any additional fees which may be required to Deposit Account No. 50-0383. 



Date: April 10, 2007 

The DIRECTV Group, Inc. 
CA/LA1/A109 
2230 E, Imperial Highway 
P.O. Box 956 

ElSegundo,CA 90245-0956 
Telephone: (310)964-4615 



VIII. Claims Appendix 



Conclusion 




Respectfully submitted, 



Page 12 of 20 



PAGE 13/21 * RCVD AT 4/10/2007 7:24:07 PM [Eastern Daylight Time] " SVR:USPTO-EFXRM/20 » DNIS:2738300 1 CSfD:31 09640941 ■ DURATION (mm-ss):05-14 



04/10/2007 16:30 FAX 3109640941 



P & L LEGAL 



1014/021 



Serial No. 09/940, 141 pr>20 1 1 1 8 



Claim 1 (Previously presented): A computer implemented method for 
establishing a Virtual Private Network (VPN) communication tunnel between a client computer 
and a server-side system, comprising: 

receiving a request to establish a VPN session with a server-side system from at 
least one client computer out of a plurality of client computers coupled to a modem within a 
client-side system, where said request contains login details for a user of said at least one client 
computer; 

determining a network address of said at least one client computer, 

authenticating said user based on said user login details; 

establishing a VPN tunnel between said at least one client computer having 
said network address and said server-side system, where said VPN tunnel is established over 
said modem; 

receiving a new request to establish a new VPN session with a different server- 
side system from a different client computer out of said plurality of client computers coupled to 
said modem within said client-side system, where said request contains new login details for a 
new user of said different client computer; 

determining a new network address of said different client computer; 

authenticating said new user based on said new user login details; and 

establishing a new VPN tunnel between said different client computer having 
said new network address and said new server-side system, where said VPN tunnel is 
established over said modem. 

Claim 2 (Original): The computer implemented method of claim 1, wherein 
said receiving further comprises obtaining security details from said client 

Claim 3 (Original): The computer implemented method of claim 1 , wherein said 
determining further comprises reading a connection log to extract the network address of said at 
least one client computer. 
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Claim 4 (Original): The computer implemented method of claim 1, further 
comprising the step, after said detennining step, of storing said network address. 

Claim 5 (Original): The computer implemented method of claim 1, wherein said 
authenticating further comprises the steps of: 

transmitting said login details to an authentication server for authentication; 

and 

accepting an authentication response from said server. 

Claim 6 (Original): The computer implemented method of claim 5, wherein said 
transmitting further comprises sending said login details to a Radius server, 

Claim 7 (Original): The computer implemented method of claim 1, wherein said 
authenticating step further comprises the steps of: 

transmitting said login details to an authentication server for authentication; 
accepting a challenge from said server, and 

re-tiansmitdng said login details to said authentication server for authentication. 

Claim S (Original): The computer implemented method of claim 1 , wherein said 
determining further comprises ascertaining an Internet Protocol (IP) address of said client 

Claim 9 (Original): The computer implemented method of claim 1, wherein said 
detennining further comprises ascertaining a Media Access Control (MAC) address of said 
client. 

Claim 10 (Canceled) 

Claim 1 1 (Previously presented): A computer implemented method for 
establishing a Virtual Private Network (VPN) communication tunnel between a client computer 
and a server-side system, comprising: 
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receiving a request to establish a VPN session with a server-side system from at 
least one client computer cut of a plurality of client computers coupled to a modem within a 
client-side system, where said request contains login details for a user of said at least one client 
computer, 

determining a network address of said at least one client computer, 

authenticating said user based on said user login details; 

establishing a VPN tunnel between said at least one client computer having said 
network address and said servoside system, where said VPN tunnel is established over said 
modem; 

receiving a new request to establish a new VPN session with said server-side 
system from a different client computer out of said plurality of client computers coupled to said 
modem within said client-side system, where said request contains new login details for a new 
user of said different client computer, 

determining a new network address of said different client computer, 
authenticating said new user based on said new user login details; and 
establishing a new VPN tunnel between said different client computer having said 
new network address and said server-side system, where said VPN tunnel is established over said 
modem. 

Claim 12 (Original): The computer implemented method of claim 1, further 
comprising severing the VPN tunnel after a predetermined time of inactivity. 

Claim 13 (Previously presented): A computer program product for use in 
conjunction with a computer system for establishing a Virtual Private Network (VPN) 
communication tunnel between a client computer and a server-side system, the computer 
program product comprising a computer readable storage and a computer program embedded 
therein, the computer program comprising: 

instructions for receiving a request to establish a VPN session with a server side 
system from at least one client computer out of a plurality of client computers coupled to a 
modem within a client-side system, where said request contains login details for a user of said 
at least one client computer; 
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instructions for determining a network address of said at least one client 

computer; 

instructions for authenticating said user based on said user login details; 

instructions for establishing a VPN tunnel between said at least one client 
computer having said network address and said server-side system, where said VPN tunnel is 
established over said modem; 

instructions for receiving a new request to establish a new VPN session with a 
different server-side system from a different client computer out of said plurality of client 
computers coupled to said modem within said client side system, where said request contains new 
login details for a new user of said different client computer; 

instructions for determining a new network address of said different client 

computer, 

instructions for authenticating said new user based on said new user login details; 

and 

instructions for establishing a new VPN tunnel between said different client 
computer having said new network address and said new server side system, where said VPN 
tunnel is established over said modem. 

Claim 14 (Original): The computer program product of claim 13, wherein said 
instructions for determining further comprise instructions for reading a connection log to extract 
the network address of said at least one client computer. 

Claim 1 5 (Original): The computer program product of claim 1 3, wherein said 
computer program further comprises instructions for storing said network address. 

Claim 16 (Original): The computer program product of claim 13, wherein said 
instructions for authenticating further comprise: 

instructions for transmitting said login details to an 
authentication server for authentication; and 

instructions for accepting an authentication response from said server. 
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Claim 17 (Original): The computer program product of claim 13, wherein said 
instructions for transmitting further comprise instructions for sending said login details to a 
Radius server. 

Claim 1 8 (Original); The computer program product of claim 1 3, wherein 
said instructions for authenticating further comprise: 

instructions for transmitting said login details to an authentication server for 

authentication; 

instructions for accepting a challenge from said server; and 

instructions for re-transmitting said login details to said authentication server for 

authentication. 

Claim 1 9 (Original): The computer program product of claim 1 3, wherein said 
instructions for determining further comprise instructions for ascertaining an Internet Protocol 
(IP) address of said client. 

Claim 20 (Original): The computer program product of claim 13, wherein said 
instructions for determining further comprise instructions for ascertaining a Media Access 
Control (MAC) address of said client 

Claim 21 (Canceled) 

Claim 22 (Previously presented): A computer program product for use in 
conjunction with a computer system for establishing a Virtual Private Network (VPN) 
communication tunnel between a client computer and a server-side system, the computer 
program product comprising a computer readable storage and a computer program embedded 
therein, the computer program comprising: 

instructions for receiving a request to establish a VPN session with a server side 
system from at least one client computer out of a plurality of client computers coupled to a 
modem within a client-side system, where said request contains login details for a user of said 
at least one client computer, 
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instructions for determining a network address of said at least one client 

computer; 

instructions for authenticating said user based on said user login details; 
instructions for establishing a VPN tunnel between said at least one client computer having said 
network address and said server-side system, where said YPN tunnel is established oyer said 
modem; 

instructions for receiving a new request to establish a new VPN session with said 
server-side system from a different client computer out of said plurality of client computers 
coupled to said modem within said client-side system, where said request contains new login 
details for a new user of said different client computer, 

instructions for determining a new network address of said different client 

computer; 

instructions for authenticating said new user based on said new user login details; 

and 

instructions for establishing a new VPN tunnel between said different client 
computer having said network address and said new server-side system, where said VPN tunnel 
is established over said modem. 

Claim 23 (Original): The computer program product of claim 1 3, wherein said 
computer program further comprises instructions for severing the VPN tunnel after a 
predetermined time of inactivity. 
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IX. Evidence Appendix 

Not Applicable. 
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X, Related Proceedings Appendix 

Not applicable. 
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